Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-4342

Don't try to invalidate a session ID of an empty string

    XMLWordPrintable

    Details

    • Type: Suggestion
    • Status: Closed (View Workflow)
    • Resolution: Fixed
    • Fix Version/s: 2.8.3
    • Component/s: None
    • Labels:
      None
    • Feedback Policy:

      Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description

      Since CWD-4271, deleting an empty session token results in invalidating all sessions. As this was never an expected value, specifically check for it and fail locally.

      At the same time, check for cases that are calling this conditionally on having a session token and ensure they don't treat it as something that can be invalidated.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jwalton joe
              Reporter:
              jwalton joe
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: